Friday, January 14, 2011

Securing Corporate data on your laptop?

There has been a lot of talk lately about traveling internationally and potentially having your laptop confiscated by the U.S. Department of Homeland Security without cause or suspicion (example). They can also share the contents of your laptop with any other agency they like, without consent, and without a guarantee that they won’t further distribute or retain that data.

I’ll focus here on the business implications of this and not tread into the murkier issues of personal privacy. Suffice it to say, if you’ve done something illegal, you reap what you sow (but there should at least be reasonable suspicion).

Almost all business users have corporate documents on their machine (sales presentations, financials, etc.) unless you're using a Content Management System (CMS) like SharePoint. What would happen if your upcoming Quarterly Earnings Report was on your confiscated machine and it got leaked early?

An easy way to protect this data is with encryption. Nobody can look at the data without your consent because you would need to provide the password to decrypt the file. Problem is, they can still see the files and force you to decrypt them.

Enter TrueCrypt. With TrueCrypt, you can create an encrypted volume that is nothing more than a file on your machine that you can name whatever you want (“foo.dat” for instance). After creating the encrypted volume, you can mount it as a regular drive letter on your machine and any program can access it as usual. All encryption/decryption happens on the fly in memory, so the data is constantly protected and leaves no traces in temporary files anywhere.

If you are really paranoid, you can create a hidden partition within the encrypted volume. That way, even if you are forced to reveal your password to the main volume (where you stored some innocent/random files), they won’t be able to tell that there was an inner encrypted volume that had the real data on it.

Of course, if you have a laptop, you need to dismount any TrueCrypt volumes before suspending/hibernating or else anyone who forces you to unlock your computer will immediately have access to the encrypted volumes.

Safe Travels!
